<%@ page import="java.sql.Connection" %>
<%@ page import="java.sql.DriverManager" %>
<%@ page import="java.sql.PreparedStatement" %>
<%@ page import="java.sql.ResultSet" %>
<%--
  Created by IntelliJ IDEA.
  User: Wangliwei
  Date: 2017/6/19
  Time: 9:09
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title></title>
</head>
<body>
<%!
  String DBDRIVER			= "com.mysql.jdbc.Driver" ;
  String DBURL			= "jdbc:mysql://127.0.0.1:3306/student" ;
  String DBUSER			= "root" ;
  String DBPASSWORD		= "" ;
  Connection conn			= null ;
  PreparedStatement pstmt	= null ;
  ResultSet rs			= null ;
%>
<%// 声明一个boolean变量，用于保存用户是否合法的状态
  boolean flag = false ;// 接收参数
  String id = request.getParameter("id") ;
  String password = request.getParameter("password") ;
%>
<%String sql = "SELECT name FROM person WHERE id=? and password=?" ;
  try{
    Class.forName(DBDRIVER) ;
    conn = DriverManager.getConnection(DBURL, DBUSER, DBPASSWORD) ;
    pstmt = conn.prepareStatement(sql) ;
    pstmt.setString(1,id) ;
    pstmt.setString(2,password) ;
    rs = pstmt.executeQuery() ;
    if(rs.next())
    {  flag = true ;
      // 将用户名保存在session之中
      session.setAttribute("uname",rs.getString(1)) ;
    }else{// 保存错误信息
      request.setAttribute("err","错误的用户名及密码！！！") ;}
    rs.close() ;
    pstmt.close() ;
    conn.close() ; }
  catch(Exception e) {}%>
<% if(flag) {// 用户合法%>
<jsp:forward page="Login_success.jsp"/>
<%}else{// 用户非法
%><jsp:forward page="Login.jsp"/>
<%}%>


</body>
</html>
